-
-
Notifications
You must be signed in to change notification settings - Fork 589
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Could not find the documentation on "How to write the config file" #537
Comments
We have some documentation on this website https://securego.io/docs/rules/rule-intro.html, which is stored in this repository https://github.com/securego/securego.github.io but the config part is not covered. Happy to accept a pull request if you are willing to contribute. Please just reach out to me on slack if you need any help. |
@ccojocar what needs to be done for the documentation ? keen to help out for this ticket. |
@nanikjava You can try to add some documentation for configuration keys in https://github.com/securego/securego.github.io. These are some places to check in the code where the configuration is parsed:
It would be also nice to add in the docs a sample file for configuration. |
@ccojocar Going through the above mentioned code found that the complete JSON file will look like this
Is this correct ? |
I think there are a few more config flags. For instance each rule can be enabled/disabled. You can search trough the code to find all invocations of
and
|
Went through the code as you suggested found the following for
Is this what you referring to ? |
Yeah, some rules have specific settings (e.g. hardcoded credentials). |
Summary
I want to exclude false-positives using the config file in GoSec. I understand that this can be done by giving the option -config . However, there is no proper detailed documentation on the syntax of writing this file.
Is there any documentation other than readme on this? If not can you please make a detailed document?
The text was updated successfully, but these errors were encountered: